6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
72.7%
Race condition in the mod_auth_shadow module for the Apache HTTP Server
allows remote attackers to bypass authentication, and read and possibly
modify data, via vectors related to improper interaction with an external
helper application for validation of credentials.